A critical vulnerability in the Breeze Cache plugin, identified as CVE-2026-3844, is being actively exploited by hackers, putting over 400,000 sites at risk. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken notice of this flaw and is closely monitoring its exploitation status to determine the necessary course of action. Meanwhile, CISA has added vulnerabilities in SimpleHelp, Samsung, and D-Link products to its Known Exploited Vulnerabilities catalog, highlighting the ongoing threats to various devices and systems. Additionally, a 12-year-old Pack2TheRoot bug has been discovered in Linux, and a persistent FIRESTARTER backdoor has been reported on a Cisco ASA device in a federal network1. The active exploitation of CVE-2026-3844 is a significant concern, and its status will determine whether immediate patching or continued monitoring is required, making it crucial for practitioners to stay informed about the latest developments.
Security Affairs newsletter Round 574 by Pierluigi Paganini – INTERNATIONAL EDITION
⚡ High Priority
Why This Matters
CVE-2026-3844 is in active discussion involving CISA — exploitation status determines whether this is patch-now or monitor.
References
- Paganini, P. (2026, April 26). Security Affairs newsletter Round 574 by Pierluigi Paganini – INTERNATIONAL EDITION. *SecurityAffairs*. https://securityaffairs.com/191305/breaking-news/security-affairs-newsletter-round-574-by-pierluigi-paganini-international-edition.html
Original Source
SecurityAffairs
Read original →